﻿<?php
require_once '../../library/config.php';
require_once '../library/functions.php'; 

checkUser();

$action = isset($_GET['action']) ? $_GET['action'] : '';

switch ($action) {
	
	case 'addNews' :
		addNews();
		break;
		
	case 'modifyNews' :
		modifyNews();
		break;
		
	case 'deleteNews' :
		deleteNews();
		break;
	
	case 'deleteImage' :
		deleteImage();
		break;
    

	default :
	    // if action is not defined or unknown
		// move to main product page
		header('Location: index.php');
}


function addNews()
{
    $chudeId = $_POST['cboCategory'];
    $ten     = $_POST['txtName'];
	$noidung = $_POST['mtxDescription'];
	$tacgia  = $_POST['txtPrice'];
	$tieude  =$_POST['txtQty'];
	
	$images = uploadNewsImage('fleImage', SRV_ROOT . 'images/tintuc/');

	$mainImage = $images['image'];
	
	$sql   = "INSERT INTO tbl_tintuc (Chude_id, Ten, Tieude, Noidung, Tacgia, Ngaydang, Image)
	          VALUES ($chudeId, '$ten', '$tieude', '$noidung', '$tacgia', NOW(), '$mainImage')";

	$result = dbQuery($sql);
	
	header("Location: index.php?chudeId=$chudeId");	
}

/*
	Upload an image and return the uploaded image name 
*/
function uploadNewsImage($inputName, $uploadDir)
{
	$image     = $_FILES[$inputName];
	$imagePath = '';
	//$thumbnailPath = '';
	// if a file is given
	if (trim($image['tmp_name']) != '') {
		$ext = substr(strrchr($image['name'], "."), 1); //$extensions[$image['type']];

		// generate a random new file name to avoid name conflict
		$imagePath = md5(rand() * time()) . ".$ext";
		
		list($width, $height, $type, $attr) = getimagesize($image['tmp_name']); 

		// make sure the image width does not exceed the
		// maximum allowed width
		if (LIMIT_TINTUC_WIDTH && $width > MAX_TINTUC_IMAGE_WIDTH) {
			$result    = createThumbnail($image['tmp_name'], $uploadDir . $imagePath, MAX_TINTUC_IMAGE_WIDTH);
			$imagePath = $result;
		} else {
			$result = move_uploaded_file($image['tmp_name'], $uploadDir . $imagePath);
		}	
		
		if (!$result) {
			$imagePath ='';
		}
		
	}

	
	return array('image' => $imagePath);
}

/*
	Modify a product
*/
function modifyNews()
{
	$newsId = (int)$_GET['newsId'];	
    $chudeId = $_POST['cboCategory'];
    $ten     = $_POST['txtName'];
	$noidung = $_POST['mtxDescription'];
	$tacgia  = $_POST['txtPrice'];
	$tieude  =$_POST['txtQty'];
	
	$images = uploadNewsImage('fleImage', SRV_ROOT . 'images/tintuc/');

	$mainImage = $images['image'];
	//$thumbnail = $images['thumbnail'];

	// if uploading a new image
	// remove old image
	if ($mainImage != '') {
		_deleteImage($newsId);
		
		$mainImage = "'$mainImage'";
		//$thumbnail = "'$thumbnail'";
	} else {
		// if we're not updating the image
		// make sure the old path remain the same
		// in the database
		$mainImage = 'Image';
		//$thumbnail = 'pd_thumbnail';
	}
			
	$sql   = "UPDATE tbl_tintuc 
	          SET Chude_id = $chudeId, Ten = '$ten', Noidung = '$noidung', Tacgia = '$tacgia', 
			      Tieude = '$tieude', Image = $mainImage
			  WHERE Tintuc_id = $newsId";  

	$result = dbQuery($sql);
	
	header('Location: index.php');			  
}

/*
	Remove a product
*/
function deleteNews()
{
	if (isset($_GET['newsId']) && (int)$_GET['newsId'] > 0) {
		$newsId = (int)$_GET['newsId'];
	} else {
		header('Location: index.php');
	}
	
	// remove any references to this product from
	// tbl_order_item and tbl_cart
			
	// get the image name and thumbnail
	$sql = "SELECT Image
	        FROM tbl_tintuc
			WHERE Tintuc_id = $newsId";
			
	$result = dbQuery($sql);
	$row    = dbFetchAssoc($result);
	
	// remove the product image and thumbnail
	if ($row['Image']) {
		unlink(SRV_ROOT . 'images/tintuc/' . $row['Image']);
		//unlink(SRV_ROOT . 'images/tintuc/' . $row['pd_thumbnail']);
	}
	
	// remove the product from database;
	$sql = "DELETE FROM tbl_tintuc 
	        WHERE Tintuc_id = $newsId";
	dbQuery($sql);
	
	header('Location: index.php?chudeId=' . $_GET['chudeId']);
}


/*
	Remove a product image
*/
function deleteImage()
{
	if (isset($_GET['newsId']) && (int)$_GET['newsId'] > 0) {
		$newsId = (int)$_GET['newsId'];
	} else {
		header('Location: index.php');
	}
	
	$deleted = _deleteImage($newsId);

	// update the image and thumbnail name in the database
	$sql = "UPDATE tbl_tintuc
			SET Image = ''
			WHERE Tintuc_id = $newsId";
	dbQuery($sql);		

	header("Location: index.php?view=modify&newsId=$newsId");
}

function _deleteImage($newsId)
{
	// we will return the status
	// whether the image deleted successfully
	$deleted = false;
	
	$sql = "SELECT Image
	        FROM tbl_tintuc
			WHERE Tintuc_id = $newsId";
	$result = dbQuery($sql) or die('Cannot delete news image. ' . mysql_error());
	
	if (dbNumRows($result)) {
		$row = dbFetchAssoc($result);
		extract($row);
		
		if ($pd_image && $pd_thumbnail) {
			// remove the image file
			$deleted = @unlink(SRV_ROOT . "images/tintuc/$Image");
			//$deleted = @unlink(SRV_ROOT . "images/product/$pd_thumbnail");
		}
	}
	
	return $deleted;
}




?>